Posted by: Anonymous Coward
on June 24, 2006 06:35 PM
On IRC networks, Tor prevents freedom from abuse. If a hundred people use Tor, and one of them abuses his privileges on a provider's network, the only alternative for a provider (other than allowing the abuse to continue) is to block all 100 users, because there is no way to differentiate among them. Because blocking large groups of users often is not a practical solution, that one problematic user can continue being a problem without any limitations.
Let me get this straight. You're running a publicly-hosted service without any built-in authentication/authorization, with lame workarounds to that problem. Now you're complaining that some other piece of software is screwing up the workarounds. How about, gosh, using a real messaging service? Like, say, maybe, Jabber?
This also takes away service providers' freedom to monitor access, and the freedom from abuse.
Only if the services the providers are providing rely upon IP addresses for said freedoms. Real ones don't. Lame ones do. It's your choice as a service provider.
If everyone on the Internet used Tor, and no one could figure out where anyone was coming from anymore, the Internet would be a complete anarchy...
Stop relying upon IP address as an identifier. Then, Tor poses no real problem. IP address isn't a good identifier, anyway, due to proxies, particularly the round-robin variety (see: AOL).
While IP-address-based restrictions may not be an ideal solution for managing services on the Internet, it is the best currently available.
Gee, I guess we need to develop something where a user...oh, I don't know...maybe has to use some sort of secret phrase in order to access a service, based upon a prior registration. Let's call it a "password" after the old game show. Betcha nobody's thought of that idea before!
Oh, wait...
The simplest solution would be to require registration of Tor users, and have service providers implement a system to check users' registration status. Though it wouldn't eliminate problems, it could reduce them and make them more manageable. Unfortunately, it would remove the very anonymity Tor seeks to create.
Not really. Or, more to the point, it doesn't change anything. Face facts: there is no absolute means of identification online. Witness the whole MySpace "what age is the user" problem that's making the rounds in the mass media. Tor creates anonymity for casual Internet use. Some service providers don't care about your freedoms, and hence Tor provides "complete" anonymity to them. If you are a service provider who does care, you can choose to do authentication/authorization; in this case, Tor users have their choice of supplying real or fake registration information. In the end, the service provider only has a statistical probability of having identifying information for any given user. Tor doesn't change that; it only changes the tactics used on both sides.
Learn about Linux
Download Linux
Get Linux help
Public Services Are, Um, Public
Posted by: Anonymous Coward on June 24, 2006 06:35 PMLet me get this straight. You're running a publicly-hosted service without any built-in authentication/authorization, with lame workarounds to that problem. Now you're complaining that some other piece of software is screwing up the workarounds. How about, gosh, using a real messaging service? Like, say, maybe, Jabber?
Only if the services the providers are providing rely upon IP addresses for said freedoms. Real ones don't. Lame ones do. It's your choice as a service provider.
Stop relying upon IP address as an identifier. Then, Tor poses no real problem. IP address isn't a good identifier, anyway, due to proxies, particularly the round-robin variety (see: AOL).
Gee, I guess we need to develop something where a user...oh, I don't know...maybe has to use some sort of secret phrase in order to access a service, based upon a prior registration. Let's call it a "password" after the old game show. Betcha nobody's thought of that idea before!
Oh, wait...
Not really. Or, more to the point, it doesn't change anything. Face facts: there is no absolute means of identification online. Witness the whole MySpace "what age is the user" problem that's making the rounds in the mass media. Tor creates anonymity for casual Internet use. Some service providers don't care about your freedoms, and hence Tor provides "complete" anonymity to them. If you are a service provider who does care, you can choose to do authentication/authorization; in this case, Tor users have their choice of supplying real or fake registration information. In the end, the service provider only has a statistical probability of having identifying information for any given user. Tor doesn't change that; it only changes the tactics used on both sides.
#